aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-01-30 16:15:04
-----------------------------
16:15:04.398 OS Version: Windows 6.0.6002 Service Pack 2
16:15:04.398 Number of processors: 2 586 0xF0D
16:15:04.398 ComputerName: TRADE UserName: ron
16:15:13.276 Initialize success
16:15:13.308 VM: initialized successfully
16:15:13.308 VM: Intel CPU virtualization not supported
16:15:16.849 AVAST engine defs: 15013000
16:15:48.236 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
16:15:48.252 Disk 0 Vendor: WDC_WD3200AAKS-75VYA0 12.01B02 Size: 305245MB BusType: 3
16:15:48.688 Disk 0 MBR read successfully
16:15:48.704 Disk 0 MBR scan
16:15:48.720 Disk 0 Windows VISTA default MBR code
16:15:48.766 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305243 MB offset 2048
16:15:48.782 Disk 0 scanning sectors +625140400
16:15:48.969 Disk 0 scanning C:\Windows\system32\drivers
16:16:02.947 Service scanning
16:16:23.554 Modules scanning
16:16:23.601 Disk 0 trace - called modules:
16:16:23.679 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
16:16:23.710 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c00378]
16:16:23.742 3 CLASSPNP.SYS[88bac8b3] -> nt!IofCallDriver -> [0x85077408]
16:16:23.773 5 acpi.sys[806a46bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85a0c528]
16:16:24.459 AVAST engine scan C:\Windows
16:16:33.850 AVAST engine scan C:\Windows\system32
16:19:57.510 AVAST engine scan C:\Windows\system32\drivers
16:20:24.453 AVAST engine scan C:\Users\ron
16:42:42.194 File: C:\Users\ron\AppData\Local\Temp\conhost.exe **INFECTED** Win32:Kryptik-OUJ [Trj]
16:42:42.603 File: C:\Users\ron\AppData\Local\Temp\Low\SessionWin32k\9062\conhost.exe **INFECTED** Win32:Kryptik-OUJ [Trj]
16:59:10.414 AVAST engine scan C:\ProgramData
17:05:52.818 Disk 0 statistics 3148607/0/0 @ 0.59 MB/s
17:05:52.864 Scan finished successfully
17:06:28.848 Disk 0 MBR has been saved successfully to "C:\Users\ron\Desktop\MBR.dat"
17:06:28.895 The log file has been saved successfully to "C:\Users\ron\Desktop\aswMBR.txt"